OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability

Description OWASP AntiSamy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...

Cisco Prime Infrastructure and EPNM DashboardRenderer XML External Entity Injection (CVE-2017-6662)

A directory traversal vulnerability exists in Oracle Fusion Middleware MapViewer. The vulnerability is due to a lack of proper input sanitization on multipart form-data requests in FileUploaderServlet. A remote attacker can exploit this vulnerability by sending a maliciously crafted HTTP request...

Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Directory Traversal (CVE-2017-3230)

A directory traversal vulnerability has been reported in Oracle Fusion Middleware MapViewer. The vulnerability is due to a lack of proper input sanitization on multipart form-data requests in FileUploaderServlet. A remote attacker can exploit this vulnerability by sending a maliciously crafted HT...

CVE-2017-3230

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware subcomponent: Map Builder. Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to...

Design/Logic Flaw

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware subcomponent: Map Builder. Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2017-3230

CVE-2017-3230 affects Oracle Fusion Middleware MapViewer (Map Builder) with MapViewer versions 11.1.1.9, 12.2.1.1, 12.2.1.2. Connected advisories describe concrete flaws in FileUploaderServlet: a directory traversal/ improper input validation on multipart form-data can be exploited by unauthentic...

CVE-2017-3230

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware subcomponent: Map Builder. Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2017-3230

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware subcomponent: Map Builder. Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to...

Oracle Fusion Middleware MapViewer Remote Vulnerability

Oracle Fusion Middleware is a comprehensive middleware portfolio of SOA and middleware products. Oracle Fusion Middleware MapViewer versions 11.1.1.9, 12.2.1.1, 12.2.1.2 suffer from a remote security vulnerability that could allow an attacker to compromise confidentiality, integrity, and...

Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Fusion Middleware MapViewer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploaderServlet servlet. When parsing the fileName paramete...

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability

Description Apache MyFaces Trinidad is prone to a security vulnerability. Successfully exploiting this issue allows attackers to obtain sensitive information or execute arbitrary code in the context of the affected application. Apache MyFaces Trinidad 1.2.14-core , 1.0.13-core , 2.0.1-core and...

Oracle MapViewer Detection

Binary data oraclemapviewerdetect.nbin...

Oracle MapViewer Multiple Vulnerabilities (July 2012 CPU)

According to its self-reported version number, the version of Oracle Fusion Middleware MapViewer installed on the remote host is affected by the following vulnerabilities : - There is an unspecified flaw related to the Oracle Maps subcomponent that allows a remote attacker to gain access to...

CVE-2012-3115

Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11.1.1.5, and 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Install...

CVE-2012-1749

Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps...

CVE-2012-1736

Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps...

Design/Logic Flaw

Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps...

CVE-2012-3115

Oracle Fusion Middleware MapViewer is affected by CVE-2012-3115 in the Install subcomponent, allowing a remote attacker to impact integrity in MapViewer versions 10.1.3.1, 11.1.1.5, and 11.1.1.6. The description specifies an unspecified vulnerability with unknown vectors related to Install; no co...

CVE-2012-3115

Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11.1.1.5, and 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Install...

CVE-2012-1736

CVE-2012-1736 affects Oracle Fusion Middleware MapViewer (10.1.3.1) and is described as an unspecified vulnerability in the MapViewer component that allows remote attackers to affect confidentiality via unknown vectors in Oracle Maps. The linked Nessus plugin also references CVEs 2012-1749 and 20...